Certificates are not installed if they are placed inside %localappdata%

VERIFIED FIXED in Firefox -esr60

Status

()

VERIFIED FIXED
5 months ago
4 months ago

People

(Reporter: emilghitta, Assigned: mkaply)

Tracking

Trunk
Firefox 65
All
Windows
Points:
---

Firefox Tracking Flags

(firefox-esr6064+ verified, firefox63 unaffected, firefox64 verified, firefox65 verified)

Details

Attachments

(2 attachments)

(Reporter)

Description

5 months ago
Posted file policies.json
[Affected versions]:
Firefox 65.0a1 
Firefox 64.0b6 

[Affected platforms]:
Windows 10 64bit.

[Preconditions]:
1. Download the root certificate from http://www.cacert.org/index.php?id=3 and place it inside %USERNAME\AppData\Local\Mozilla\Certificates 
2. Place the attached json file inside the distribution folder.

[Steps to reproduce]:
1. Launch Firefox.
2. Access the about:preferences page.
3. Search for Root CA inside the Certificate Manager.

[Expected result]:
The certificate is successfully installed.

[Actual result]:
The certificate is not installed.

[Note]:
It seems that the certificates are successfully installed via policies.json if they are placed inside %USERNAME\AppData\Roaming\Mozilla\Certificates

Comment 2

5 months ago
Pushed by mozilla@kaply.com:
https://hg.mozilla.org/integration/autoland/rev/30bc16db58ab
Read certs from local and roaming on Windows. r=Felipe

Comment 3

5 months ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/30bc16db58ab
Status: NEW → RESOLVED
Last Resolved: 5 months ago
status-firefox65: affected → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 65
Assignee: nobody → mozilla
(Reporter)

Comment 4

4 months ago
This issue is verified fixed using Firefox 65.0a1 (BuildId:20181111220121) on Windows 10 64bit.
Status: RESOLVED → VERIFIED
status-firefox65: fixed → verified
Does this need uplift to Beta?
Flags: needinfo?(mozilla)
(Assignee)

Comment 6

4 months ago
Comment on attachment 9023721 [details]
Bug 1504691 - Read certs from local and roaming on Windows.

[Beta/Release Uplift Approval Request]

Feature/Bug causing the regression: Bug 1474683

User impact if declined: Can't import from certain locations,

Is this code covered by automated tests?: No

Has the fix been verified in Nightly?: Yes

Needs manual test from QE?: No

If yes, steps to reproduce: 

List of other uplifts needed: None

Risk to taking this patch: Low

Why is the change risky/not risky? (and alternatives if risky): Adds another path to list, very low risk.

String changes made/needed:
Flags: needinfo?(mozilla)
Attachment #9023721 - Flags: approval-mozilla-beta?
Comment on attachment 9023721 [details]
Bug 1504691 - Read certs from local and roaming on Windows.

policy engine tweak, verified in nightly; approved for 64.0b10
Attachment #9023721 - Flags: approval-mozilla-beta? → approval-mozilla-beta+

Comment 8

4 months ago
bugherderuplift
https://hg.mozilla.org/releases/mozilla-beta/rev/23d0264564e5
status-firefox64: affected → fixed
(Reporter)

Comment 9

4 months ago
This issue is verified fixed using Firefox 64.0b10 (BuildId:20181115150739) on Windows 10 64bit.
status-firefox64: fixed → verified
(Assignee)

Comment 10

4 months ago
Comment on attachment 9023721 [details]
Bug 1504691 - Read certs from local and roaming on Windows.

[ESR Uplift Approval Request]

If this is not a sec:{high,crit} bug, please state case for ESR consideration: Followup fix to bug 1474683

User impact if declined: Certs import from the wrong location on Windows

Fix Landed on Version: 64

Risk to taking this patch: Low

Why is the change risky/not risky? (and alternatives if risky): Just adds directory to existing patch

String or UUID changes made by this patch:
Attachment #9023721 - Flags: approval-mozilla-esr60?
Comment on attachment 9023721 [details]
Bug 1504691 - Read certs from local and roaming on Windows.

Fix for policy issue, verified in nightly, let's uplift for ESR.
Attachment #9023721 - Flags: approval-mozilla-esr60? → approval-mozilla-esr60+
status-firefox-esr60: unaffected → affected
tracking-firefox-esr60: --- → 64+
(Assignee)

Comment 12

4 months ago
https://hg.mozilla.org/releases/mozilla-esr60/rev/6f64e970b7e97d84b36211377a4eb2f5ea112855

This was built locally on the ESR branch and tested.

Emil, can you test when landed?
status-firefox-esr60: affected → fixed
(Reporter)

Comment 13

4 months ago
This is verified fixed using Firefox 60.3.1esr (provided in comment 12) on Windows 10 64bit.
status-firefox-esr60: fixed → verified
You need to log in before you can comment on or make changes to this bug.